1. Field
This development relates to data communications and methods and apparatus for intercepting data communications, particularly voice over IP data communications, in an IP network.
2. Description of the Related Art
The term “lawful intercept” is used to describe a procedure which allows law enforcement agencies to perform electronic surveillance of telecommunications. Lawful intercept of telecommunications, particularly phone calls, is premised on a notion that a law enforcement agency has identified a person of interest, obtained a legal authorization for the surveillance (for example, a judicial or administrative warrant), and then contacted the person's telecommunications service provider that will be required to provide the law enforcement agency with a real-time copy of the person's communications. This real-time copy can then be used by the law enforcement agency to monitor or record the person's communications. Within the framework of traditional telecommunications networks, such as, for example, the Public Switched Telephone Network (PSTN) or cellular networks, lawful intercept generally presents a purely economic problem for the service providers that have to ensure that sufficient interception equipment and dedicated links to the law enforcement agencies have been deployed to satisfy lawful intercept requirements mandated by law. However, in the context of Voice over Internet Protocol (VoIP) communications, in addition to the economic problems mentioned above, lawful intercept presents significant technological challenges which often makes compliance with legally mandated lawful intercept requirements exceedingly difficult.
The problem lies in the very nature of the VoIP technology and the Internet Protocol (IP) networks (for example, the Internet) that underlie it.
Traditional telecommunications networks are “connection-oriented” or “circuit-switched”. Communications over such networks occur via dedicated “circuits”. Although the networks typically comprise a plurality of available parallel paths, when a circuit is established, only a single one of the available paths is picked. In situations where a circuit has failure protection, a redundant path, also determined at the time of the circuit establishment, can also be reserved. Once the circuit is established, all communications traverse from end to end. Interception of such communications is easy as the service provider can “tap” the circuit at any point in the network that is under its lawful control.
In contrast to circuit-switched networks, IP-based networks are “connectionless” by design. A connectionless IP network essentially comprises a plurality of interconnected network devices (routers) which establish a plurality of paths from any point on the network to any other point. Information that needs to traverse an IP network is divided into small “packets”, each one comprising an IP header containing source and destination addressing information, and service flags; and user payload. The specific path that each packet in a communication between parties takes across an IP network is not determined in advance such as in a circuit-switched network. The path is defined on a hop-by-hop basis (router-by-router), each router at which the packet arrives examines the source and destination addresses contained in the IP header and applies a number of service variables such as hop-count (number of routers between the current router and the destination), latency and bandwidth of available links, and administrative considerations such as inter-provider agreements, to determine the next hop to which the packet will be forwarded. Because the service variables change dynamically, for example in response to a failure of a link in the network, the available paths may change significantly and it is impossible to reliably predict the path or paths that the packets that comprise a specific a specific communication will traverse. Furthermore, it is not even possible to predict the order in which the packets will arrive at their destination as the different paths taken may have different latency. While the plurality of available paths and out-of-order arrivals present no problems to IP-based applications that usually keep track of the packet sequence to reassemble the communication, the same factors present formidable problems for the lawful intercept of communication over IP networks, particularly lawful intercept of VoIP calls.
The problem of lawful intercept in VoIP systems is further exacerbated by the distributed technologies often utilized in such systems. While a VoIP caller typically communicates with a VoIP call controller to facilitate the connection to the VoIP callee, the actual communication between the parties typically occurs by establishing a direct IP connection between them using the User Datagram Protocol (UDP) to encapsulate audio information into IP packets. These packets may take any available path across the IP network as described above. Even if a service provider could place an interception device at every point in the network through which a subscriber's packet could traverse, in order to provide a useful copy of the communication to a law enforcement agency, the service provider would have to reassemble all of the intercepted packets at a single device and only then pass the result to the law enforcement agency. In essence, the service provider would have to mirror the functions of the callee VoIP telephone, except the packets that comprise the communication would have to be collected from multiple points in the network. The technological challenges and economic costs associated with this proposition have thus far resulted in lack of meaningful lawful intercept capabilities in VoIP systems.